CyberSecurity Team Lead, Infrastructure and Application

TL;DR

Cybersecurity Team Lead (Application Security): Architecting and enforcing the security posture of Mistral AI's technical stack, from on-premise to cloud deployments with an accent on vulnerability management lifecycle. Focus on security standards, automation within the development lifecycle, and rapid remediation.

Location: Paris (on-site hybrid).

Company

Mistral AI democratizes AI through high-performance, optimized, open-source and cutting-edge models, products and solutions.

What you will do

• Oversee the identification, prioritization, and remediation of vulnerabilities across both On-Prem and Cloud infrastructures as well as internal applications.
• Select, deploy, and maintain the tools needed for visibility and protection, including CNAPP, CSPM, SAST/DAST, secret scanning, and SBOM/CVE tracking.
• Integrate security controls and automated gates directly into CI/CD pipelines to catch vulnerabilities before deployment (Shift Left).
• Partner with engineering teams to interpret findings and "ease the fix," providing patches, code snippets, or architectural advice to resolve issues quickly.
• Define and maintain rigorous security guidelines and best practices for developers and system administrators.
• Design and lead security awareness programs and technical training tailored for developers and admins to reduce human risk.

Requirements

• 6+ years of experience in Information Security, with a specific focus on Application Security, Cloud Security, or DevSecOps.
• Strong scripting skills (Python, Go, or Bash) to automate security tasks and integrate tools.
• Deep understanding of CI/CD ecosystems and container orchestration (Kubernetes/Docker).
• Hands-on experience with modern security tooling (e.g., Wiz, Snyk, SonarQube, Prisma, or similar enterprise tools).
• Collaborative mindset: you view developers as partners, not adversaries, and focus on enabling them to code securely.
• Clear communication, autonomous, and capable of translating technical security risks into actionable engineering tasks.

Nice to have

• Industry certifications such as CISSP, CCSP, OSCP, or cloud-specific security certifications.
• Strong Infrastructure as Code (IaC) experience with Terraform or Ansible.
• Experience in offensive security (Penetration Testing) to better understand attacker mindsets.
• Prior experience securing large-scale AI or Machine Learning infrastructure.

Culture & Benefits

• Dynamic, collaborative team passionate about AI and its potential to transform society.
• Our diverse workforce thrives in competitive environments and is committed to driving innovation.
• Teams are distributed between France, USA, UK, Germany and Singapore.
• Creative, low-ego and team-spirited.

Hiring process

• Introduction call (30 min)
• Hiring Manager (30 min)
• Technical Round (75 min)
• Value talk / Culture fit (30 min)